authorKatharina Fey <kookie@spacekookie.de>2018-06-28 23:16:28 +0200
committerKatharina Fey <kookie@spacekookie.de>2018-06-28 23:16:28 +0200
commitdf23d3dc3c028ebce6e8185f3d6578f48de38290 (patch)
treecef2932b0953e51c4b9031ed2451e05122e01649 /lockchain-core/src
parenteb62b89c0d53dc4bb0fe9fd5a1a337289ea4ab53 (diff)
Changing lockchain-core::crypto to keybob keys, then updating all
references in lockchain-crypto to use them instead.
Diffstat (limited to 'lockchain-core/src')
-rw-r--r--lockchain-core/src/crypto.rs12
-rw-r--r--lockchain-core/src/crypto/keys.rs48
-rw-r--r--lockchain-core/src/crypto/mod.rs20
-rw-r--r--lockchain-core/src/lib.rs4
-rw-r--r--lockchain-core/src/prelude.rs0
-rw-r--r--lockchain-core/src/users.rs38
-rw-r--r--lockchain-core/src/users/auth.rs42
7 files changed, 103 insertions, 61 deletions
diff --git a/lockchain-core/src/crypto.rs b/lockchain-core/src/crypto.rs
deleted file mode 100644
index 3bba5a2..0000000
--- a/lockchain-core/src/crypto.rs
+++ /dev/null
@@ -1,12 +0,0 @@
-//! Shared cryptographic primitives for the lockchain ecosystem
-//!
-//! This is a secure storage vault after all, we need some
-//! shared crypto helpers for all the other crates :)
-
-mod keys;
-mod utils;
-mod data;
-
-pub use self::keys::{Key, KEY_LENGTH};
-pub use self::data::PackedData;
-pub use self::utils::*; \ No newline at end of file
diff --git a/lockchain-core/src/crypto/keys.rs b/lockchain-core/src/crypto/keys.rs
deleted file mode 100644
index 6211851..0000000
--- a/lockchain-core/src/crypto/keys.rs
+++ /dev/null
@@ -1,48 +0,0 @@
-//! A module that handles key generation and key loading
-
-use traits::AutoEncoder;
-use super::utils::{hashing, random};
-
-/// A shared key length parameter for all cryptographic operations
-///
-/// This is *not* ideal and should be replaced with something better
-/// at some point in the future
-pub const KEY_LENGTH: usize = 64;
-
-/// A wrapper to represent a key for encryption
-#[derive(Debug, Serialize, Deserialize, Eq, PartialEq, Clone)]
-pub struct Key {
- pub data: Vec<u8>,
-}
-
-impl AutoEncoder for Key {}
-
-impl Key {
-
- /// Create a new key from scratch
- pub fn generate() -> Key {
- let data = random::bytes(KEY_LENGTH);
- Key { data: data }
- }
-
- /// Use a password as a key
- pub fn from_password(password: &str, salt: &str) -> Key {
- let hashed = hashing::blake2(password, salt);
- let mut vec: Vec<u8> = Vec::new();
- for b in &hashed {
- vec.push(b.clone());
- }
- Key { data: vec }
- }
-
- pub fn to_vec(&self) -> Vec<u8> {
- self.data.clone()
- }
-
- /// Used to get the raw data from this key, as a slice copy
- pub fn to_slice(&self) -> [u8; KEY_LENGTH] {
- let mut slice: [u8; KEY_LENGTH] = [0; KEY_LENGTH];
- slice.clone_from_slice(&self.data);
- slice
- }
-}
diff --git a/lockchain-core/src/crypto/mod.rs b/lockchain-core/src/crypto/mod.rs
new file mode 100644
index 0000000..cbc9fb7
--- /dev/null
+++ b/lockchain-core/src/crypto/mod.rs
@@ -0,0 +1,20 @@
+//! Shared cryptographic primitives for the lockchain ecosystem
+//!
+//! This is a secure storage vault after all, we need some
+//! shared crypto helpers for all the other crates :)
+
+mod data;
+mod utils;
+
+/// We re-export keybob's API here
+mod keys {
+ use traits::AutoEncoder;
+ pub use keybob::{Key, KeyType};
+
+ impl AutoEncoder for Key {}
+ impl AutoEncoder for KeyType {}
+}
+
+pub use self::data::PackedData;
+pub use self::keys::{Key, KeyType};
+pub use self::utils::*;
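Review bot: `impl AutoEncoder for Key {}` and `impl AutoEncoder for KeyType {}` attach the trait's default encoding methods to key material, and nothing in the module says that the encoded form is unprotected key bytes. The trait body is not visible in this diff, so this assumes it serialises through serde as it presumably did for the removed `Key` struct. A comment above the impl, for example `// Encoded output is raw key material; persist it only in wrapped (encrypted) form`, would make the handling rule explicit for callers. The `/// We re-export keybob's API here` line sits on a private module and so will not appear in generated docs by default; it would read better on the `pub use self::keys::{Key, KeyType};` line.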
diff --git a/lockchain-core/src/lib.rs b/lockchain-core/src/lib.rs
index d9b90ef..465f145 100644
--- a/lockchain-core/src/lib.rs
+++ b/lockchain-core/src/lib.rs
@@ -12,13 +12,15 @@ extern crate bcrypt;
extern crate base64;
extern crate blake2;
extern crate rand;
+extern crate keybob;
pub mod errors;
pub mod traits;
pub mod crypto;
+pub mod users;
mod meta;
mod record;
pub use self::crypto::PackedData;
pub use self::record::{Header, Payload, Record, EncryptedBody};
-pub use self::meta::{MetaDomain, VaultMetadata}; \ No newline at end of file
+pub use self::meta::{MetaDomain, VaultMetadata};
diff --git a/lockchain-core/src/prelude.rs b/lockchain-core/src/prelude.rs
deleted file mode 100644
index e69de29..0000000
--- a/lockchain-core/src/prelude.rs
+++ /dev/null
diff --git a/lockchain-core/src/users.rs b/lockchain-core/src/users.rs
new file mode 100644
index 0000000..34bcd42
--- /dev/null
+++ b/lockchain-core/src/users.rs
@@ -0,0 +1,38 @@
+//! User and access regulation module
+//!
+//!
+
+mod auth;
+pub use self::auth::Token;
+
+use traits::AutoEncoder;
+
+/// Specifies access to a resource
+#[derive(Serialize, Deserialize)]
+pub enum Access {
+ /// Allows access to vault metadata & index files
+ Vault(String),
+ /// Allows access to a record resource inside a vault
+ Record(String, String),
+}
+
+/// Specifies the capabilities of a user
+#[derive(Serialize, Deserialize)]
+pub enum Role {
+ Reader,
+ Editor,
+ Admin,
+}
+
+/// A generic user representation
+#[derive(Serialize, Deserialize)]
+pub struct User {
+ id: u64,
+ name: String,
+ pw_hash: String,
+ pw_salt: String,
+ role: Role,
+ access: Vec<Access>,
+}
+
+impl AutoEncoder for User {}
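Review bot: The variants of `Role` have no doc comments and the `String` fields of `Access` are unnamed, so these authorization types do not state what each role permits or which string in `Record(String, String)` names the vault and which the record. Each of `Reader`, `Editor` and `Admin` should get a one-line `///` comment listing the operations it allows, and `Access` would be clearer with struct-style variants or a comment naming each field. `User` derives `Serialize` together with `pw_hash` and `pw_salt`, so the encoded user record carries the password hash; a sentence on the struct saying where that encoding may be stored or sent would help. The module header `//!` lines after the title are empty and could carry that overview.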
diff --git a/lockchain-core/src/users/auth.rs b/lockchain-core/src/users/auth.rs
new file mode 100644
index 0000000..e6e4854
--- /dev/null
+++ b/lockchain-core/src/users/auth.rs
@@ -0,0 +1,42 @@
+use crypto::random;
+
+const TOK_SIZE: usize = 64;
+
+/// An authentication token that can be compared in constant time
+///
+/// ```
+///
+/// use lockchain_core::users::auth::Token;
+/// let t1 = Token::new();
+/// let t2 = Token::new();
+///
+/// // Will fail, but no expose failure length
+/// assert_eq!(t1, t2);
+/// ```
+pub struct Token {
+ tok: [u8; TOK_SIZE],
+}
+
+impl Token {
+ pub fn new() -> Self {
+ let v = random::bytes(TOK_SIZE);
+ let mut tok = [0; TOK_SIZE];
+ tok.copy_from_slice(v.as_slice());
+
+ Self { tok }
+ }
+}
+
+impl PartialEq for Token {
+ fn eq(&self, other: &Self) -> bool {
+ let mut ret = true;
+ for i in 0..TOK_SIZE {
+ if self.tok[i] != other.tok[i] {
+ ret = false;
+ }
+ }
+ ret
+ }
+}
+
+impl Eq for Token {}
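Review bot: The loop in `PartialEq::eq` does not guarantee the constant-time comparison that the doc comment promises, because `if self.tok[i] != other.tok[i] { ret = false; }` is a data-dependent branch that the optimizer may turn into an early-exit compare. Accumulating the differences without branching is the usual form, `self.tok.iter().zip(other.tok.iter()).fold(0u8, |acc, (a, b)| acc | (a ^ b)) == 0`, and a vetted constant-time comparison crate is a stronger option if a new dependency is acceptable. The doc example is also unlikely to compile: `users.rs` declares `mod auth;` as private and re-exports `Token`, so the path should be `lockchain_core::users::Token`, and `assert_eq!(t1, t2)` needs `Debug` on `Token` and would panic for two random tokens; `assert!(t1 != t2);` expresses the intent. `Token::new` will panic in `copy_from_slice` if `random::bytes` ever returns a length other than `TOK_SIZE`, which deserves a comment.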